Re: Wireless Pentest Question

From: Erik Winkler (ewinkler@erols.com)
Date: Mon Feb 07 2005 - 11:51:49 EST


Arvind,

Better yet, if you have access to an Apple laptop, use KisMAC
(http://kismac.binaervarianz.de/). The latest alpha (beta in my
opinion) version is available at http://alpha.binaervarianz.de/ and
supports the enhanced FMS WEP attacks used in Airsnort and Aircrack.
It can also generate traffic like aircrack, but can accomplish this
using a single Prism2 PCMCIA or USB device instead of the 2 required by
aircrack (aireplay). Also supports dictionary attack testing against
WPA, LEAP, and 128-bit WEP protected networks.

Erik

On Feb 6, 2005, at 11:38 PM, Harshul Nayak wrote:

> hello arvind,
>
> To crack the WEP key you would need approximately 5-10 million
> encrypted packets to be gathered as mentioned by AirSnort
> (http://airsnort.shmoo.com/)
>
> Also try aircrack (http://www.cr0.net:8040/code/network/) to generate
> traffic and it's one of the fastest WEP cracking tools.
>
> cheers
> Harshul
>
> CRL (Computer Crime Research Lab)
> Patni Computer Systems Limited,India.
>
> -----Original Message-----
> From: Arvind Sood [mailto:asood74@gmail.com]
> Sent: Saturday, February 05, 2005 8:43 PM
> To: pen-test@securityfocus.com
> Subject: Wireless Pentest Question
>
>
> Hi,
>
> Based on recent mails regarding articles found here for wireless pen
> testing. Using all the tools described here requires capturing
> interesting packets (unique RC4 IV) in a packet capture.
>
> http://www.securityfocus.com/infocus/1814
>
> The problem relates to creating traffic on a wireless network in case
> you don't find a lot of traffic for a good capture. Is there any way
> you can create traffic on a WEP network without knowing
> - the IP Address (address range) the Access Point and wireless clients
> are using
> - the WEP key being used (makes sense - that is why you are running a
> WEP crack)
>
> The closest I see of this is the aireplay tool (this can be found on
> the AUDITOR CD mentioned in the article). This basically replays any
> arp requests found in a capture. However I could not get aireplay to
> run (gave me a Segmentation error).
>
> Of course WEP uses a session key - so session replay is not a
> possibility. Does anyone know of any tool/method to create wireless
> traffic to assist in a good capture?
>
> Best regards
> Arvind
